For the migration to work properly, and to avoid data loss, the first step is locking the legacy permissions tables.
The lock is done by creating a trigger that throws an error when a customer tries to manipulate the old permissions tables.
Creating these triggers requires the DB user to have special grants. For example, in MySQL/MariaDB, the user has to have SUPER user grants.
If the user doesn't have the proper permissions to create these triggers, the migration will fail.
The migration name is: V7_82_0_1__PermissionsV2DataMigration